| # |
May 30th 2016, 17:42 |
 graziel |
no problem |
| # |
May 30th 2016, 17:41 |
huhwatnou |
slackebot, thank you! |
| # |
May 30th 2016, 17:41 |
graziel |
huhwatnou security [at] http://cakephp.org|cakephp.org |
| # |
May 30th 2016, 17:41 |
huhwatnou |
seems a good idea not to post it to a publicly accessible spot |
| # |
May 30th 2016, 17:40 |
huhwatnou |
slackebot, do you know the email address for security issues or where i can find it? |
| # |
May 30th 2016, 17:40 |
tzvika |
hmic, thanks , beforerender did the job! |
| # |
May 30th 2016, 17:39 |
hmic |
the request is available on purpose. if the data is in there, you might use it. if not, appcontroller beforerender or bevorerender eventlistener |
| # |
May 30th 2016, 17:38 |
tzvika |
yes , but if is set it in the controller it would look cleaner in layout, right? |
| # |
May 30th 2016, 17:37 |
hmic |
pro tip: the request is available from the view as from the controller, so $this->request works from the view too, which lets you access the session and auth directly |
| # |
May 30th 2016, 17:36 |
hmic |
use appcontroller beforeRender callback, or set an eventlistener for the beforeRender event |
| # |
May 30th 2016, 17:36 |
tzvika |
hmic - you are right :) |
| # |
May 30th 2016, 17:36 |
hmic |
so: how can i set a variable to be available to any view/layout? |
| # |
May 30th 2016, 17:35 |
hmic |
and your question is not about a specific view or layout in this case. |
| # |
May 30th 2016, 17:35 |
hmic |
tzvika, you could use the appcontroller |
| # |
May 30th 2016, 17:34 |
tzvika |
hmic, but thats specific to one controller, i need it in all of them |
| # |
May 30th 2016, 17:33 |
hmic |
tzvika, all vars you set are available to the view. Controller->set('username', $user->username); |
| # |
May 30th 2016, 17:33 |
unholyknight |
Is there a better way, short of combining data in the controller, to combine form fields which handle the same type relational data before saving? |
| # |
May 30th 2016, 17:32 |
tzvika |
how do i set a variable which will be avaliable to all views? for example i need to display the username in the layout |
| # |
May 30th 2016, 17:30 |
graziel |
huhwatnou if its security issue there is special mail for that kind |
| # |
May 30th 2016, 17:28 |
huhwatnou |
@hmic, forget my last remark, it does occur in 2.8.4. I will file an issue. |
| # |
May 30th 2016, 17:26 |
hmic |
Diego__, sounds good! |
| # |
May 30th 2016, 17:26 |
Diego__ |
something like: $this->User->association('Contacts')->saveStrategy('replace'); |
| # |
May 30th 2016, 17:25 |
huhwatnou |
@hmic, it does not seem to be fixed, but the issue does not occur in 2.x's current version. probably because of refactoring. |
| # |
May 30th 2016, 17:25 |
Diego__ |
hmm, i think i found something: http://api.cakephp.org/3.2/class-Cake.ORM.Association.html show the method strategy() as setter for select strategy option, there is no mention for saveStrategy() but aparently it exist and work |
| # |
May 30th 2016, 17:23 |
hmic |
huhwatnou, check if its fixed in 2.x current, if not - open an issue *PLEASE* |
| # |
May 30th 2016, 17:23 |
hmic |
it gets only executed once you iterate it... |
| # |
May 30th 2016, 17:23 |
huhwatnou |
@hmic, thank you. I will not submit the issue then, to save us all some time. |
| # |
May 30th 2016, 17:22 |
hmic |
because your sql query is invalid |
| # |
May 30th 2016, 17:22 |
LckyBy517 |
i meant i couldn't figure out why that line would cause it not to serialize |
| # |
May 30th 2016, 17:22 |
hmic |
if there is a security flaw, 2.8 is still supported and - if not already - will fix it in the next release |
| # |
May 30th 2016, 17:22 |
LckyBy517 |
yeah i know, i serialize it after :P |
| # |
May 30th 2016, 17:21 |
hmic |
huhwatnou, you are supposed to upgrade to the latest 2.x release |
| # |
May 30th 2016, 17:21 |
hmic |
even though the association does alredy exist, you could add it by the same name. if thats no help, try $table->hasMany(...) or $table->belongsToMan(...) to configure it - might not work, but looks promising |
| # |
May 30th 2016, 17:21 |
huhwatnou |
Hi guys, is 2.7.11 still supported? I just bumped on a security issue... |
| # |
May 30th 2016, 17:20 |
hmic |
Diego__, did you try using it? |
| # |
May 30th 2016, 17:18 |
hmic |
but there is no json genereated from this line anyways |
| # |
May 30th 2016, 17:18 |
hmic |
sounds odd |
| # |
May 30th 2016, 17:17 |
LckyBy517 |
i just removed the table name and just left name and it worked |
| # |
May 30th 2016, 17:17 |
LckyBy517 |
LOL i know that doesn't but if i just ended with all it was fine haha |
| # |
May 30th 2016, 17:16 |
hmic |
as i said, if lots of data, you might hit a OOM condition. these usually get reported where they are hit, so all over the place in the callstack |
| # |
May 30th 2016, 17:15 |
hmic |
this does not do any json |